Mayastor, Velero, Rancher improved, Local storage
This commit is contained in:
parent
53c5c1f17e
commit
0fcc97a6d0
16
README.md
16
README.md
|
@ -10,7 +10,17 @@ git clone --recurse-submodules git@git.snel.com:snelcom-ansible/snel.ansible.
|
|||
|
||||
## Install on macOS
|
||||
```zsh
|
||||
brew install ansible ansible-lint packer jq siderolabs/talos/talosctl kubernetes-cli helm bitwarden-cli
|
||||
brew install \
|
||||
ansible \
|
||||
ansible-lint \
|
||||
packer \
|
||||
jq \
|
||||
siderolabs/talos/talosctl \
|
||||
kubernetes-cli \
|
||||
helm \
|
||||
bitwarden-cli \
|
||||
velero
|
||||
helm plugin install https://github.com/databus23/helm-diff
|
||||
bw config server 'https://pw.snel.com/'
|
||||
python3 -m pip install --upgrade --requirement ./requirements.txt
|
||||
ansible-galaxy install --force --role-file ./requirements.yml
|
||||
|
@ -20,11 +30,13 @@ source ~/.zshrc
|
|||
```
|
||||
|
||||
## Use
|
||||
### Login on Vaultwarden:
|
||||
### First time: Login on Vaultwarden:
|
||||
```zsh
|
||||
bw login
|
||||
```
|
||||
|
||||
### Execute playbook
|
||||
```zsh
|
||||
export BW_SESSION=$(bw unlock --raw) && \
|
||||
ansible-playbook site.yml --limit customer_deovero
|
||||
```
|
|
@ -4,19 +4,20 @@ machine:
|
|||
extraArgs:
|
||||
rotate-server-certificates: true
|
||||
extraMounts:
|
||||
- destination: /var/storage
|
||||
- destination: /var/local
|
||||
type: bind
|
||||
source: /var/storage
|
||||
source: /var/local
|
||||
options:
|
||||
- bind
|
||||
- rshared
|
||||
- rw
|
||||
sysctls:
|
||||
vm.nr_hugepages: 1024
|
||||
# https://www.talos.dev/v1.5/kubernetes-guides/configuration/storage/
|
||||
vm.nr_hugepages: "1024"
|
||||
# https://github.com/siderolabs/talos/issues/4654#issuecomment-1025125034
|
||||
vm.max_map_count: 262144
|
||||
vm.overcommit_memory: 1
|
||||
vm.swappiness: 1
|
||||
vm.max_map_count: "262144"
|
||||
vm.overcommit_memory: "1"
|
||||
vm.swappiness: "1"
|
||||
install:
|
||||
extensions:
|
||||
- image: ghcr.io/siderolabs/iscsi-tools:v0.1.4
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
---
|
||||
velero_s3_access_key_id: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
66383464636530323164316130343739326666386366306136613735623339616534316437653834
|
||||
3439316330613635353365313233623135373231383530360a346633353866363761653361636635
|
||||
38336239353864376361376330646663383732303931643332386633636139343131643836663763
|
||||
3936366230633033660a663037613461663963383834396532663232316539333966616436636565
|
||||
38333133613238316432376134636366323631313365623162623235306463343565
|
||||
|
||||
velero_s3_secret_access_key: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
65396337666437326265353433656566653730323432326262353962303933613030333839336566
|
||||
3336333533396333646566336130623930646532616430320a376630326135396639333665316636
|
||||
30646436663565353435663730633539323134633062636133633332613565646630356461303063
|
||||
3966653732666232390a616336623630633239303161373764363664316338653362303062353766
|
||||
65326237363238333961633730363362323862313563333161323866663430643263386437393931
|
||||
3465343837643236326561633631393830313264326632633435
|
|
@ -1,10 +1,2 @@
|
|||
---
|
||||
talos_generic_config_dir: "{{ ansible_root_dir }}/configs/talos"
|
||||
talos_cluster_config_dir: "{{ ansible_root_dir }}/configs/{{ cluster_name }}"
|
||||
talos_cluster_secrets_file: "{{ talos_cluster_config_dir }}/talos-secrets.yaml"
|
||||
talos_control_lb_hostname: "control.{{ cluster_name }}"
|
||||
talos_node_config_file: "{{ talos_cluster_config_dir }}/talos-{{ inventory_hostname }}.yaml"
|
||||
talosconfig: "{{ talos_cluster_config_dir }}/talosconfig.yaml"
|
||||
kubeconfig: "{{ talos_cluster_config_dir }}/kubeconfig.yaml"
|
||||
talos_image_version: v1.4.7
|
||||
talos_version: v1.5.1
|
||||
# See playbooks/snel.kubernetes-cluster/roles/common/defaults/main.yml for playbook defaults
|
||||
|
|
|
@ -1 +1 @@
|
|||
Subproject commit ce228aad70dc39c275a9593ada7e52796ea82173
|
||||
Subproject commit d19eb2678cb0429c103ef615eb1c5020c3f30020
|
|
@ -0,0 +1,38 @@
|
|||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: storage-test
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: PersistentVolumeClaim
|
||||
metadata:
|
||||
name: storage-pvc
|
||||
namespace: storage-test
|
||||
spec:
|
||||
accessModes:
|
||||
- ReadWriteOnce
|
||||
resources:
|
||||
requests:
|
||||
storage: 500Mi
|
||||
---
|
||||
kind: Pod
|
||||
apiVersion: v1
|
||||
metadata:
|
||||
name: ubuntu-pod
|
||||
namespace: storage-test
|
||||
spec:
|
||||
volumes:
|
||||
- name: storage-vol
|
||||
persistentVolumeClaim:
|
||||
claimName: storage-pvc
|
||||
containers:
|
||||
- name: ubuntu
|
||||
image: ubuntu:latest
|
||||
command: [ "/bin/bash", "-c", "--" ]
|
||||
args: [ "while true; do sleep 30; done;" ]
|
||||
volumeMounts:
|
||||
- mountPath: /volume
|
||||
name: storage-vol
|
||||
|
||||
# kubectl exec -n storage-test ubuntu-pod -it -- bash
|
Loading…
Reference in New Issue